IdenTrust Inc. Logo
Home | Login | Contact Us  

  
OVERVIEW DIGITAL CERTIFICATE INSTRUCTIONS FAQ LIBRARY HOW-TO DOWNLOADS
IBM HTTP Server

Support > Generation Instructions


Creating a Certificate Signing Request (CSR) and Key

Follow the step-by-step instructions to generate a certificate signing request (CSR) and key:

  1. Start the key manangement utility:
    If NT: click start button - IBM HTTP Server - Start Key Management Utility
    If Unix: type ikmgui from command line.
  2. Select Key Database File from the main menu, then select New.
  3. Select Key Database type as CMS Key database file and enter your key database name or click key.kdb if you are using the default in the new dialog box.
  4. Type and confirm your password in the Password Prompt dialog box.
    Warning: If you lose the password, you must purchase another certificate.
  5. Select Key Database File from the main menu, then select Open.
  6. Enter you key database name or click on key.kdb if you are using the default in the Open dialog box. Click Open.
  7. Select Create from the main menu, then select New Certificate Request.
  8. Enter a Key Label in the New Key and Certificate Request dialog box. Use a name/label that identifies the key and certificate in the database, for example: My Server Certificate.
    Note: In addition to generating the CSR, be sure to back up your key pair file.
  9. When creating a CSR you must follow these conventions.
    Enter the Distinguished Name Field information.
    Note: The following characters can not be accepted:
    < > ~ ! @ # $ % ^ * / \ ( ) ?
    Distinguished
    Name Field    		 Explanation Example
    Key Size Bit length—determines key length 1024
    Common Name The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.identrust.com/, then your CSR's common name must be www.identrust.com
    Organization Name The exact legal name of your organization. Do not abbreviate your organization name. IdenTrust Inc.
    Organization Unit Section of the organization Marketing
    City or Locality The city where your organization is legally located. Salt Lake City
    State or Province Name The state or province where your organization is legally located. Can not be abbreviated. Utah
    Zip or Postal Code The postal code where your organization is legally located. 55555
    Country Name The two-letter ISO abbreviation for your country US = United States
  10. Enter the certificate request file name, or default name certreq.arm
  11. In the Information dialog box, click OK.
  12. Send the entire certificate request to IdenTrust, including ----BEGIN CERTIFICATE REQUEST---- and ----END CERTIFICATE REQUEST----

Back to Listing


RELATED CONTENT
Certificate Management Center
FAQ: Before You Buy
HOW-TO: Backup a Certificate
HOW-TO: Replace a Certificate
FAQ: General
FAQ: ACES
FAQ: ECA
FAQ: State of Washington
PKI Basics
Certificate Security and Protection
Change Control Schedules
Support Main
Contact Support
 

FEDERAL AGENCY PROGRAMS
Department of State
D-Trade
Department of Labor
Department of Labor
Department of Treasury IRS
Secure Data Transfer
MeF Electronic Filing Certificate
General Services Administration
eOffer

STATE AGENCY PROGRAMS
Florida
JCalendar for State Court Systems
West Virginia
Department of Environmental Protection
Virginia
Department of Transportation (VDOT)
Department of Mines Minerals and Energy (DMME)
 © 2008 IdenTrust Inc. All Rights Reserved    Home | Contact Us | Legal Policies IdenTrust